Commentaries and Analyses – Page 73

Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data

Posted on March 28, 2024 by Dissent

AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. This technology breakdown is the latest in a string of failures at UNOS, which for 40 years…

Med-Data data leak $7M class action settlement

Posted on March 21, 2024 by Dissent

There is an update to a data leak incident discovered and reported by independent researcher Jelle Ursem and DataBreaches.net in April 2021. Top Class Actions reports that Med-Data, a business associate that handles health insurance claims data, has agreed to pay $7 million to resolve claims that one of its employees publicly posted patient information on…

Another plastic surgery group has fallen victim to a ransomware attack – Long Island Plastic Surgical Group/NYSPG (2)

Posted on March 19, 2024 by Dissent

On March 8, DataBreaches learned of another attack on a plastic surgery group. This time, it was the Long Island Plastic Surgical Group, a group that has 10 locations in New York and dozens of doctors. This is another ransomware story that may have a very unhappy ending for patients and employees. Hit by Two…

The 2024 Breach Barometer reports a staggering 171 million patient records breached. And that’s just the ones we know about.

Posted on March 19, 2024 by Dissent

Each year, many news sites add up the number of reports on HHS’s public breach tool and then add up the number of records reported for those incidents. For 2023, that came to 725 reports and about 135 million records. Those numbers are disturbing, but not as disturbing as the numbers out today by Protenus….

Decreasing ransomware attacks: two strategies to consider

Posted on March 18, 2024 by Dissent

Experts agree that a ban on ransom payments should decrease ransomware attacks, but concerns about implementing any ban are not trivial. Here are two ideas to consider. Proposal 1: Increasing the Sanctions List Expanding the sanctions list to include every ransomware group with a leak site might make threat actors less likely to threaten victims…

FCC Updated Data Breach Notification Rules Go into Effect Despite Challenges

Posted on March 14, 2024 by Dissent

Hunton Andrews Kurth writes that on March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect despite legal challenges. The rules were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). Their previous blog post explained the Rules: Pursuant to the…